It's just an mprotect(2) call to change the page from R+W to R+X. It needs to happen between the JIT being done creating a hunk of code and the first execution. Basically: allocate a page, write generated machine code to the page, change page to executable, patch page in (so the code gets invoked instead of either interpretation or a baseline compiler).
I'm sure you can be smarter about it and involve locks such that you track how full "code pages" are and switch non-full pages back to writeable in order to update their content.
it's possible the old mprotect call will work if you use the appropriate initial mmap flag to get a jit region, but I would be surprised. The rules for rwx regions are already very restrictive compared to mmap/mprotect/etc APIs on other platforms.
I don't have an M1 Mac to test myself, but the "faster" mechanism doesn't involve anything in the pagetables, so I think toggling pagetable walks into the existing restrictions on RWX allocations.
I haven’t tested on a Mac recently, but I’m pretty sure that mprotect will change the base page permissions but SPRR will continue to apply (and you’ll need to call pthread_jit_write_protect_np).
It's just an mprotect(2) call to change the page from R+W to R+X. It needs to happen between the JIT being done creating a hunk of code and the first execution. Basically: allocate a page, write generated machine code to the page, change page to executable, patch page in (so the code gets invoked instead of either interpretation or a baseline compiler).
I'm sure you can be smarter about it and involve locks such that you track how full "code pages" are and switch non-full pages back to writeable in order to update their content.